Prev: FREE MAC!
Next: iTunes 9 and iPod hard drives
From: dorayme on 20 Mar 2010 15:21
In article <200320100846506211%nospam(a)nospam.invalid>,
nospam <nospam(a)nospam.invalid> wrote:

> In article <80k74uFac7U1(a)mid.individual.net>, Jeffrey Goldberg
> <nobody(a)goldmark.org> wrote:
>
> > The OS has no way to know whether what you are opening it with will run
> > the JavaScript or not.
>
> obviously, it needs to. the way it works now is *broken*.

What do you imagine the fix would be like that prevents someone
dragging a dangerous .html file (if there could be such on a Mac)
to a browser window via the (say) the drawer in TextWrangler?
There would hav to be some sort of flag on the file to say where
it came from (the internet!) and to intervene with a warning if
it was dragged over *any* browser.

It is not broken, it is attempting to warn of the great danger
that is imagined *at the gate*.

--
dorayme
From: Jeffrey Goldberg on 20 Mar 2010 16:50
On 2010-03-20 2:21 PM, dorayme wrote:

> It is not broken, it is attempting to warn of the great danger
> that is imagined *at the gate*.

It actually is the consequence of a bad security design on OS X. This
warning about opening downloaded "executable" content was Apple's
half-assed attempt to plug a much larger hole.

It's easiest to explain the problem by analogy to a Windows problem that
was used often about 10 years ago to trick users into running dangerous
content.

One the Windows of the day, default configurations didn't display file
name extensions. So malicious mail attachments or downloads would have
names like

readme.txt.exe

The user would only see "readme.txt" and think that this was safe.
Things like "pamala_anderson.gif.exe" were common. Anyway, this allowed
a mismatch between what kind of file the user thought they were opening
and how the thing would actually open.

On Macs this trick is achieved by having some executable (say a shell
script) but in the resource fork giving it an icon that would be
associated with something harmless, say a PDF. Thus someone could
download something that will look like a PDF in the Finder but actually
run a program when opened.

A few years ago there were some proof of concept demonstrations of this
for OS X. Apple had the choice then of disallowing user created icons
for files (and thus getting at the real weakness) or of doing something
else. The warning system we now have about downloaded "dangerous types"
is the something else. Certainly this system can be improved, but it
will always fall short as long as the OS allows users to be presented
with apparent file types that don't correspond to the real types.

-j

--
Jeffrey Goldberg http://goldmark.org/jeff/
I rarely read HTML or poorly quoting posts
Reply-To address is valid
First  |  Prev  | 
Pages: 1 2 3
Prev: FREE MAC!
Next: iTunes 9 and iPod hard drives